Firewall PBQs: CISSP - Certified Information Systems Security Professional
Easy, Question 1 of 3
As the information security manager for a mid-size enterprise, you have been asked to review the firewall policy protecting the management network (10.2.0.0/24). A recent internal audit found that SSH access to the management VLAN is open to the entire corporate network instead of being restricted to the security operations team. Additionally, there is no default deny rule in place. Correct the firewall policy to enforce least privilege access to the management network.
Firewall Rules
| # | Direction | Source | Port | Protocol | Action |
|---|---|---|---|---|---|
| 1 | inbound | 10.0.0.0/8 | 22 | tcp | allow |
| 2 | inbound | 10.2.0.0/24 | 443 | tcp | allow |
Rules are evaluated top to bottom.
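An added example, not part of the quiz or its answer key: a first-match evaluator and an audit check run over a constructed copy of the rule table above. The security operations subnet `10.9.9.0/28` and the `HARDENED_POLICY` rule set are assumptions, since the page does not give the team's addresses.

```python
import ipaddress

# Constructed copy of the table above (all rules inbound):
# (source, port, protocol, action), evaluated top to bottom.
CURRENT_POLICY = [
    ("10.0.0.0/8", 22, "tcp", "allow"),
    ("10.2.0.0/24", 443, "tcp", "allow"),
]

# Assumption: placeholder subnet for the security operations team.
SOC_NET = "10.9.9.0/28"
DEFAULT_DENY = ("0.0.0.0/0", "any", "any", "deny")

# One possible corrected policy under that assumption.
HARDENED_POLICY = [
    (SOC_NET, 22, "tcp", "allow"),
    ("10.2.0.0/24", 443, "tcp", "allow"),
    DEFAULT_DENY,
]

def first_match(policy, src_ip, port, proto):
    """Return the action of the first rule that matches, or None."""
    addr = ipaddress.ip_address(src_ip)
    for source, r_port, r_proto, action in policy:
        if (addr in ipaddress.ip_network(source)
                and r_port in ("any", port)
                and r_proto in ("any", proto)):
            return action
    return None  # no rule matched: outcome depends on the device default

def audit(policy, ssh_allowed=SOC_NET):
    """Flag SSH allow rules wider than ssh_allowed and a missing final deny."""
    findings = []
    allowed = ipaddress.ip_network(ssh_allowed)
    for i, (source, r_port, r_proto, action) in enumerate(policy, 1):
        covers_ssh = r_port in ("any", 22) and r_proto in ("any", "tcp")
        too_wide = not ipaddress.ip_network(source).subnet_of(allowed)
        if action == "allow" and covers_ssh and too_wide:
            findings.append(f"rule {i}: SSH allowed from {source}, "
                            f"wider than {ssh_allowed}")
    if not policy or policy[-1] != DEFAULT_DENY:
        findings.append("no explicit default deny as the final rule")
    return findings

if __name__ == "__main__":
    for name, pol in (("current", CURRENT_POLICY), ("hardened", HARDENED_POLICY)):
        print(name, first_match(pol, "10.50.1.7", 22, "tcp"), audit(pol))
```
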

